Last updated: March 9, 2026
Photis ("we," "our," or "the app") is a gratitude journaling app built by SealAI. We take your privacy seriously. This policy explains what data we collect, how we use it, and how you can control it.
Account information. When you sign in with Apple or Google, we receive your email address (or an Apple-provided relay address) and a unique user ID. We use this solely for authentication and syncing your data across devices.
Journal entries. The text you type or speak, along with timestamps. Entries are stored locally on your device and synced to our cloud database (hosted on Supabase) so you can access them if you switch devices.
Voice recordings. When you use voice input, audio is recorded temporarily on your device. The audio is sent to OpenAI's API (GPT-4o) for transcription and analysis, then deleted from your device immediately after processing. We do not store your audio recordings on our servers.
AI-generated metadata. Our AI analyzes your entries to extract emotions, themes, tags, entities (people, places, things mentioned), key points, and sentiment scores. This metadata is stored alongside your entries.
Health data. If you opt in via Settings, we read the following data from Apple HealthKit: heart rate variability (HRV), resting heart rate, heart rate, sleep analysis, active energy, and step count. This data is stored locally on your device only and is never sent to our servers or any third party. We also write mindful session records to Apple Health when you complete a journal entry, so your reflection practice appears alongside your other wellness data. All HealthKit integration is entirely opt-in and can be disabled at any time in Settings.
AI-powered prompts. To generate personalized reflection prompts, we send excerpts from your recent journal entries (up to 200 characters each), along with your most frequent tags, entities, and dominant emotion, to OpenAI's GPT-4o API. This data is processed in accordance with OpenAI's API data usage policy and is not used to train their models.
Error logs. If the app encounters an error, we log diagnostic information (error message, context, and your email) to help us fix bugs during the beta period.
Your journal entries and voice recordings are sent to OpenAI's GPT-4o API for transcription, analysis, and insight generation. Excerpts from your entries are also used to generate personalized prompts. OpenAI processes this data according to their API data usage policy, which states that API inputs and outputs are not used to train their models.
We use your data to provide the core app functionality: storing your entries, generating AI insights, syncing across devices, generating personalized prompts, and (if opted in) reading health data to surface correlations between your gratitude practice and your physical wellbeing. We do not sell your data to anyone. We do not use your data for advertising.
On your device. All journal entries, health data, and preferences are stored locally using an on-device database (WatermelonDB/SQLite). The app works fully offline.
In the cloud. Journal entries and account information are synced to Supabase (hosted on AWS). Access is restricted so that only you can read your own entries. Health data is never uploaded to the cloud.
Third-party processing. Voice audio, entry text, and entry excerpts are sent to OpenAI's API for AI analysis and personalized prompt generation. We do not send health data to any third party.
Export your data. You can export all of your data as a JSON file at any time from Settings → Export My Data.
Delete your account. You can permanently delete all of your data (both cloud and local) from Settings → Delete Account. This action is immediate and irreversible.
Health data. Apple HealthKit integration is entirely opt-in. You can enable or disable it at any time in Settings. When disabled, no health data is read or stored. You can also revoke HealthKit permissions at any time from iOS Settings → Health → Data Access & Devices.
Data is encrypted in transit using HTTPS/TLS. Our cloud database uses Supabase's row-level security, ensuring only authenticated users can access their own data. We do not store voice recordings on our servers — audio is processed and immediately deleted from your device. Health data never leaves your device.
Photis is not intended for children under 13. We do not knowingly collect data from children under 13. If you believe we have, please contact us and we will delete it.
We may update this policy as we develop new features. We'll update the "last updated" date at the top and, for significant changes, notify you in the app.
If you have questions about this privacy policy or your data, contact us at:
SealAI